[Users] Permission denied on disk image file !!
Fabian Deutsch
fabiand at redhat.com
Mon Oct 21 12:34:48 UTC 2013
Am Montag, den 21.10.2013, 20:21 +0800 schrieb Anil Dhingra:
>
> below is the output after reboot .. also after reboot we need to
> restart sanlock daemon manually every time else no spm selection &
> hosts keep on contending & fails
Do you know what the problem of the sanlock daemon is, so why it needs
to be restarted?
> [root at node1-3-3 ~]# getsebool -a | egrep -i 'nfs|sanlock'
> allow_ftpd_use_nfs --> off
> cobbler_use_nfs --> off
> git_system_use_nfs --> off
> httpd_use_nfs --> off
> qemu_use_nfs --> on
> rsync_use_nfs --> off
> samba_share_nfs --> off
> sanlock_use_fusefs --> off
> sanlock_use_nfs --> off
> sanlock_use_samba --> off
> sge_use_nfs --> off
> use_nfs_home_dirs --> on
> virt_use_nfs --> off
> virt_use_sanlock --> off
> xen_use_nfs --> off
> [root at node1-3-3 ~]# getsebool -a | egrep -i allow_execstack
> allow_execstack --> on
> [root at node1-3-3 ~]#
Seems like it was changed. Is maybe VDSM changing it?
Greetings
fabian
>
> On Mon, Oct 21, 2013 at 7:16 PM, Fabian Deutsch <fabiand at redhat.com>
> wrote:
> Am Montag, den 21.10.2013, 15:44 +0800 schrieb Anil Dhingra:
> > hi
> >
> > Permission issue is resolved after changing on openfiler NFS
> share
> > permission .but still on every reboot we need to set below
> values
> > manually
> > Any idea how to make it perm
> >
> > setsebool -P virt_use_sanlock=on
> > setsebool -P virt_use_nfs=on
>
>
> Hum ... That's interesting.
> We actually set both of them to on during the installation of
> the
> ovirt-node selinux package:
> /usr/sbin/setsebool -P allow_execstack=0 \
> virt_use_nfs=1 \
> virt_use_sanlock=1 \
> sanlock_use_nfs=1
>
> What does
> getsebool virt_use_sanlock virt_use_nfs
>
> say?
>
> - fabian
>
> >
> > On Wed, Oct 16, 2013 at 8:24 AM, Itamar Heim
> <iheim at redhat.com> wrote:
> > On 10/15/2013 11:05 AM, Anil Dhingra wrote:
> >
> > Hi Guys
> > Any know issue why we are not able to start
> VM due to
> > permission issue
> > on disk image file .. as per docs ownership
> should be
> > vdsm:kvm byt not
> > sure why its showing below
> > used - both
> ovirt-node-iso-3.0.1-1.0.1.vdsm.el6 &
> > ovirt-node-iso-3.0.1-1.0.2.vdsm.el6 same
> issue
> > [ using NFS Domain ]
> > VM n0001vdap is down. Exit message: internal
> error
> > process exited while
> > connecting to monitor: qemu-kvm: -drive
> >
> file=/rhev/data-center/d09d8a3e-8ab4-42fc-84ec-86f307d144a0/1a04e13a-0ed4-40d6-a153-f7091c65d916/images/44e3fc9b-0382-4c11-b00c-35bd74032e9a/34542412-ed50-4350-8867-0d7d5f8127fd,if=none,id=drive-virtio-disk0,format=raw,serial=44e3fc9b-0382-4c11-b00c-35bd74032e9a,cache=none,werror=stop,rerror=stop,aio=threads:
> >
> > *could not open *disk image
> >
> */rhev/data-center*/d09d8a3e-8ab4-42fc-84ec-86f307d144a0/1a04e13a-0ed4-40d6-a153-f7091c65d916/*images*/44e3fc9b-0382-4c11-b00c-35bd74032e9a/34542412-ed50-4350-8867-0d7d5f8127fd:
> > *Permission denied*
> >
> >
> > [root at node1
> 44e3fc9b-0382-4c11-b00c-35bd74032e9a]# ls
> > -lh
> > total 1.1M
> >
> > -rw-rw----+ 1 *vdsm 96* 6.0G 2013-10-15
> 05:47
> > 34542412-ed50-4350-8867-0d7d5f8127fd
> > -rw-rw----+ 1 *vdsm 96* 1.0M 2013-10-15
> 05:47
> > 34542412-ed50-4350-8867-0d7d5f8127fd.lease
> > -rw-rw-rw-+ 1 *vdsm 96* 268 2013-10-15
> 05:47
> >
> > 34542412-ed50-4350-8867-0d7d5f8127fd.meta
> > As it doesn't allow us o change permissions
> any
> > alternate way for this
> >
> > ?or do I need to manually set permissions in
> > *"/etc/libvirt/qemu.conf"*
> > alos ther is no such *group *with*"96"* ..
> so from
> > where it picks this
> >
> > config .
> > Another question is related to SELINUX
> config change
> > for below 2
> >
> > parameters to recover from error "*internal
> error
> > Failed to open socket
> > to sanlock daemon: Permission denied*" I saw
> some
> > where this is fixed
> >
> > but not sure why it appears VDSM should
> take care of
> > this auto
> > setsebool -P virt_use_sanlock=on
> > setsebool -P virt_use_nfs=on
> >
> >
> >
> >
> _______________________________________________
> > Users mailing list
> > Users at ovirt.org
> >
> http://lists.ovirt.org/mailman/listinfo/users
> >
> >
> > have you tried:
> >
> http://www.ovirt.org/wiki/Troubleshooting_NFS_Storage_Issues
> >
> >
> > _______________________________________________
> > Users mailing list
> > Users at ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/users
>
>
>
>
>
More information about the Users
mailing list